SSH

How can I run Remote Commands on Windows Servers?

Both SSH and ITM Agent communications can be used for running RunBox Tools on distributed Windows Servers in the same fashion as described for UNIX and Linux servers. SSH is not shipped natively with Microsoft Windows but is available from a variety of sources. Cygwin OpenSSH is used in the example below.

To install the Cygwin OpenSSH Daemon on Windows download the setup executable from here. This executable enables the individual packages to be dynamically downloaded from the internet for installation. Select and install “OpenSSH” from the “net” section of the modules.

Post installation it is necessary to configure the SSH daemon. This is completed from a Cygwin terminalrun as the Administrator user (right click on the "Cygwin terminal" icon and select “Run as administrator”). Run the following commands to configure and start the OpenSSH daemon:

ssh-host-config -y

cygrunsrv –start sshd

To enable SSH authentication for a specific Windows user, details of that user must be added to the “passwd” file. From the Cygwin terminal run the commands:

mkpasswd –l –u user_name >> /etc/passwd

At that point it should be possible to connect to the server using a suitable SSH client, for example putty.

RunBox Credentials

To execute a RunBox tool via SSH requires credentials for authentication purposes. OpenSSH permits Public Key authentication in the same manner as UNIX and Linux versions of the utility. Add the public key generated by RunBox to the file “<UserHomePath>/.ssh/authorization_keys” on the target server(s).

RunBox tools for Windows

In addition to native Windows commands it is possible to run scripts or command files from RunBox tools. In the example below the RunBox interpreter “VBScript” has been selected. This is a custom RunBox interpreter defined by the administrator and enables a VBScript to be called directly from a RunBox Tool.

All RunBox Tools can be executed against groups of multiple servers. RunBox will stagger the execution, based on configured limits, displaying the progress interactively. The image below demonstrates the execution of a VBScript on multiple Windows Servers.

Note the pie chart in the top right hand corner to indicate the overall progress and success of the batch execution, the summary information for the servers that have already returned results and the green triangles to indicate the Tool is currently being executed on certain servers.

How can I run Remote Commands via SSH?

RunBox Tools can be executed on distributed servers using SSH, a utility that is widely supported on UNIX and Linux platforms. There are three simple steps to set up a RunBox Tool based on SSH:

Identify the account of the distributed server(s) that will be used for running the remote commands

Configure the Credentials in RunBox

Configure the Tool itself and associate the tool with the relevant credentials

Read on for information on these steps, plus ideas on how to enhance the flexibility of RunBox Tools with parameters.

Identify the SSH Account

Although the root user may be used for SSH connections to UNIX/Linux distributed servers it is suggested that a dedicated user is configured for such management tasks. This may be necessary to comply with company security policies. Most enterprise companies have a user management tool to assist with the user configuration.

Configure the RunBox Credentials

RunBox Credentials define how SSP may authenticate with a distributed server when establishing an SSH connection to execute a RunBox Tool. The definition inludes a user name and may apply to a single server or a group of servers.

Authentication for a specified user may either be via a password or a public key. For public key authentication RunBox will generate and display the required public key, as demonstrated in Figure 3. This key must be added to the file “<UserHomePath>/.ssh/authorization_keys” on the target servers. Note the “Copy to clipboard” button in figure 3 that can assist with this update. The directory “.ssh” and the file “authorization_keys” may need to be created.

Configure the RunBox Tool

RunBox Tools can execute any non-interactive system command, binary or script, for example a Perl or Shell script. User defined “interpreters” identify the interpreters for a specific script type. The example Tool in figure 4 is configured to run a “Perl” script on the selected “Target” via “SSH” authenticating as the user “orbsshu”. The tool is assigned to a Toolbox from the Toolboxestab. It is the Toolboxes association with a Project that identifies the operators that will have access to the new tool and the potential targets.

When executed, this example tool will collect the disk usage for the mounted file systems on the selected servers, Figure 4 illustrates the execution of a file system usage tool on a single server. In this case the file system with the least available space is displayed in the summary in the central frame. The right-hand frame displays more details from the execution, including up to 5 lines from the script standard output. There is also a link to view the full output from the script. The link will open a new window.

Making RunBox Tools more flexible

To maximise the flexibility of the RunBox Tools the operator may be prompted for one or more parameterswhen executing the Tool,for example a log file name. The value entered by the operator can be used to affect the behaviour of the Tool, for example display the last ten lines of the specified log file name.

To create a tool that prompts for operator input at runtime firstly create a Parameter. The parameter configuration includes a unique name, a data type and optionally validation information, for example “not blank” or a regular expression.

The parameter is assigned to the Tool during the Tool configuration (on the Parameters tab). Variables representing the parameter runtime values may then be added as arguments on the Scripttab.

These Tools can be assigned to the relevant operators empowering them to execute necessary tasks efficiently and securely.

About Us

Orb Data brings together People, Process and Technology to deliver the cornerstone of business success: the management of IT infrastructure. At our heart are our people. We have unrivalled experience, helping us to achieve an enviable reputation for excellence in project delivery. Because we’re independent, we identify actual issues and help organisations resolve them –from spec to deployment, and beyond –providing the right solution in terms of best of breed technology and support. We offer a refreshingly simple approach to the way we conduct business. We take pride in our abilities to provide first class solutions to business problems, and to conduct working relationships with honesty and integrity.